Currently, document.cookie allows setting multiple cookies in a single call.
This is inconsistent with other browsers as well as our documentation:
https://developer.mozilla.org/en/document.cookie
"Note that you can only set/update a single cookie at a time using this method."
This can lead to security problems in web applications: When an external script takes untrusted input (e.g. from a URL parameter), that input can contain line breaks, and thus set multiple cookies to the including web site.
Therefore, we should disallow setting multiple cookies using document.cookie.

Created attachment 525202[details][diff][review]
Patch v2
Let's try this again. Currently running this version through a local "make mochitest-1", will push to cedar if that worked.
This version clears the "a" cookie in the test that sets it.

Comment on attachment 525202[details][diff][review]
Patch v2
This is now passing the tests on Tinderbox.
Transferring r=bz.
Since this affects webapp security I'd like to check this in to the branches too.

Comment on attachment 525202[details][diff][review]
Patch v2
Approved for the mozilla2.0 repository, a=dveditz
Cameron: if you request approval on these using flags it'd be easier to find than watching random IRC conversations ;-)